Even though Flash is set to reach its end of life at the end of 2020 and most of the development community moved away from it a long time ago, FireEye predicts that “we’ll see Flash being used as an infection vector for a while. Legacy technologies are juicy targets for attackers due to the lack of security updates”, as Carlos Garcia Prado writes in a blog post published on the FireEye website.
FLASHMINGO provides malware analysts with a flexible framework to quickly deal with pesky Flash samples without getting bogged down in the intricacies of the execution environment and file format.
“FLASHMINGO is a collection of plug-ins that operate on the SWFObject and extract interesting information. Users can easily extend the tool’s functionality via custom Python plug-ins”, explains Prado.
Several useful plug-ins covering a wide range of common analyses are already included with FLASHMINGO:
- Find suspicious method names.
- Find suspicious constants.
- Find suspicious loops.
- Retrieve all embedded binary data.
This tool can be downloaded from the FireEye public GitHub Repository.
For more details see the source article here.